IT Security

This International Standard provides guidance for improving the state of Cybersecurity.
It provides:

— an overview of Cybersecurity,

— an explanation of the relationship between Cybersecurity and other types of security (information, network, and internet security)

— a definition of stakeholders and a description of their roles in Cybersecurity.

— guidance for addressing common Cybersecurity issues.

— a framework to enable stakeholders to collaborate on resolving Cybersecurity issues.

Source: https://www.iso.org/standard/44375.html

This International Standard is aimed at organizations that provide services to communities in cities, and manage the resulting data, as well as decision-makers and policy developers in cities
This International Standard describes, and gives guidance on, a smart city concept model (SCCM) that can provide the basis of interoperability between component systems of a smart city, by aligning the ontologies in use across different sectors. It includes:

• concepts (e.g. ORGANIZATION, PLACE, COMMUNITY, ITEM, METRIC, SERVICE, RESOURCE).

• relationships between concepts (e.g. ORGANIZATION has RESOURCEs, EVENT at a PLACE).

Source: https://www.iso.org/standard/53302.html

ISO 15118-5:2018 specifies conformance tests in the form of an Abstract Test Suite (ATS) for a System Under Test (SUT) implementing an Electric Vehicle or Supply Equipment Communication Controller (EVCC or SECC) with support for PLC-based High Level Communication (HLC) and Basic Signaling according to ISO 15118‑3. These conformance tests specify the testing of capabilities and behaviors of an SUT, as well as checking what is observed against the conformance requirements specified in ISO 15118‑3 and against what the implementer states the SUT implementation's capabilities are.
The capability tests within the ATS check that the observable capabilities of the SUT are in accordance with the static conformance requirements defined in ISO 15118‑3. The behavior tests of the ATS examine an implementation as thoroughly as is practical over the full range of dynamic conformance requirements defined in ISO 15118‑3 and within the capabilities of the SUT (see NOTE 1). A test architecture is described in correspondence to the ATS. The conformance test cases in this part of the standard are described leveraging this test architecture and are specified in TTCN-3 Core Language for the ISO/OSI Physical and Data Link Layers (Layers 1 and 2). The conformance test cases for the ISO/OSI Network Layer (Layer 3) and above are described in ISO 15118‑4.

The OASIS PKCS 11 Technical Committee develops enhancements to improve the PKCS #11 standard for ease of use in code libraries, open source applications, wrappers, and enterprise/COTS products: implementation guidelines, usage tutorials, test scenarios and test suites, interoperability testing, coordination of functional testing, development of conformance profiles, and providing reference implementations.

ISO/IEC 19784-1:2018 defines the Application Programming Interface (API) and Service Provider Interface (SPI) for standard interfaces within a biometric system that support the provision of that biometric system using components from multiple vendors. It provides interworking between such components through adherence to this and to other International Standards.

ISO/IEC 30106-1:2016 specifies an architecture for a set of interfaces which define the OO BioAPI. Components defined in this part of ISO/IEC 30106 include a framework, Biometric Service Providers (BSPs), Biometric Function Providers (BFPs) and a component registry.

ISO/IEC 30108-1:2015 defines the architecture, operations, data elements, and basic requirements for biometric identity assurance services, a framework for the implementation of generic, biometric-based identity services within a services-oriented environment. An identity in the context of BIAS comprises a subject, biographic data, and biometric data. Other parts are intended to define specific BIAS implementations (or bindings) within specific environments, for example, SOAP web services.

ISO/IEC 19785-1:2015 defines structures and data elements for biometric information records (BIRs).
ISO/IEC 19785-1:2015 defines the concept of a domain of use to establish the applicability of a standard or specification that complies with CBEFF requirements.
ISO/IEC 19785-1:2015 defines the concept of a CBEFF patron format, which is a published BIR format specification that complies with CBEFF requirements, specified by a CBEFF patron.

The purpose of ISO/IEC 30107-1 is to provide a foundation for PAD through defining terms and establishing a framework through which presentation attack events can be specified and detected so that they can be categorized, detailed and communicated for subsequent decision making and performance assessment activities. This foundation is intended to not only introduce and frame the topics of presentation attacks and PAD but also to benefit other standards projects. This standard does not advocate a specific standard PAD method. The scope is limited to describing attacks that take place at the sensor during the presentation and collection of biometric characteristics.

The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site

Preparation of a first draft business plan - Review the task list ( N08) provided by the CEN-CLC Cybersecurity Coordination Group (CSCG) and asses how these tasks could be taken up in the upcoming TC 13 work

The WG considers national and international standards for adoption in the domain of management system standards including supporting control sets covering information and cyber security. Where not being developed by other SDO's, the WG may develop CEN/CENELEC publications in this domain.

Security evaluation and assessment